package org.annoflow.filter.boundry;

import org.annoflow.audit.ContextTracker;
import org.annoflow.filter.FilterPoint;
import org.annoflow.policy.PolicyType;
import org.annoflow.policy.PolicyManager;
import org.annoflow.policy.boundry.InsecureClassPolicy;
import org.annoflow.policy.boundry.SecureClassPolicy;

public class SecureMethodFilter implements FilterPoint {
	
	@Override
	public String getFilterCode() {
		return "org.annoflow.filter.boundry.SecureMethodFilter.checkCaller($0);";
	}
	public static void checkCaller(Object o)
	{
		try {
			String context = ContextTracker.getInstance().getCallerContext();
			Class<?> clazz;
			PolicyType classPolicy, objectPolicy;
			if(context != null)
			{
				clazz = o.getClass().forName(context, true, o.getClass().getClassLoader());
				 classPolicy = PolicyManager.lookupClassPolicy(clazz);
			}
			else
			{
				clazz = null;
				classPolicy = null;
			}
			objectPolicy = PolicyManager.lookupObjectPolicy(o);
			if(!(objectPolicy == null || objectPolicy instanceof InsecureClassPolicy) && (classPolicy == null ||classPolicy instanceof InsecureClassPolicy))
			{
				throw new UnsecureCallException("The method was called by an unsecure class.");
			}
		} catch (ClassNotFoundException e) {
			// TODO Auto-generated catch block
			System.err.println("Could not check Caller");
		}
		
	}
	@Override
	public String getReturnFilterCode() {
		// TODO Auto-generated method stub
		return null;
	}

}
